|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface AccessControllerProtocol
A custom protocol defined for maintaining and querying access control lists.
Field Summary | |
---|---|
static long |
VERSION
|
Method Summary | |
---|---|
void |
checkPermissions(Permission[] permissions)
Checks whether the given Permissions will pass the access checks for the current user. |
List<UserPermission> |
getUserPermissions(byte[] tableName)
Queries the permissions currently stored for the given table, returning a list of currently granted permissions, along with the user or group each is associated with. |
void |
grant(byte[] user,
TablePermission permission)
Deprecated. Use revoke(UserPermission userPermission) instead |
void |
grant(UserPermission userPermission)
Grants the given user or group the privilege to perform the given actions |
void |
revoke(byte[] user,
TablePermission permission)
Deprecated. Use revoke(UserPermission userPermission) instead |
void |
revoke(UserPermission userPermission)
Revokes a previously granted privilege from a user or group. |
Methods inherited from interface org.apache.hadoop.hbase.ipc.VersionedProtocol |
---|
getProtocolSignature, getProtocolVersion |
Field Detail |
---|
static final long VERSION
Method Detail |
---|
void grant(UserPermission userPermission) throws IOException
userPermission
- the details of the provided user permissions
IOException
- if the grant could not be applied@Deprecated void grant(byte[] user, TablePermission permission) throws IOException
revoke(UserPermission userPermission)
instead
TablePermission
user
- the user name, or, if prefixed with "@", group name receiving
the grantpermission
- the details of the provided permissions
IOException
- if the grant could not be appliedvoid revoke(UserPermission userPermission) throws IOException
TablePermission
details must exactly match
a stored grant. For example, if user "bob" has been granted "READ" access
to table "data", over column family and qualifer "info:colA", then the
table, column family and column qualifier must all be specified.
Attempting to revoke permissions over just the "data" table will have
no effect.
permission
- the details of the previously granted permission to revoke
IOException
- if the revocation could not be performed@Deprecated void revoke(byte[] user, TablePermission permission) throws IOException
revoke(UserPermission userPermission)
instead
TablePermission
details must exactly match
a stored grant. For example, if user "bob" has been granted "READ" access
to table "data", over column family and qualifer "info:colA", then the
table, column family and column qualifier must all be specified.
Attempting to revoke permissions over just the "data" table will have
no effect.
user
- the user name, or, if prefixed with "@", group name whose
privileges are being revokedpermission
- the details of the previously granted permission to revoke
IOException
- if the revocation could not be performedList<UserPermission> getUserPermissions(byte[] tableName) throws IOException
tableName
- the table of the permission grants to return
IOException
- if there is an error querying the permissionsvoid checkPermissions(Permission[] permissions) throws IOException
permissions
- to check for. Permission subclasses can be used
to do more specific checks at the table/family/column level.
IOException
- if there is an error checking the permissions
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |